package org.apache.james.modules.server;

import com.github.fge.lambdas.Throwing;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Splitter;
import com.google.common.collect.ImmutableList;
import com.google.inject.AbstractModule;
import com.google.inject.Provider;
import com.google.inject.Provides;
import com.google.inject.Scopes;
import com.google.inject.Singleton;
import com.google.inject.multibindings.Multibinder;
import com.google.inject.multibindings.ProvidesIntoSet;
import java.io.FileNotFoundException;
import java.nio.charset.StandardCharsets;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.inject.Named;
import org.apache.commons.configuration2.Configuration;
import org.apache.commons.io.FileUtils;
import org.apache.james.filesystem.api.FileSystem;
import org.apache.james.jwt.JwtConfiguration;
import org.apache.james.jwt.JwtTokenVerifier;
import org.apache.james.server.task.json.dto.AdditionalInformationDTO;
import org.apache.james.server.task.json.dto.AdditionalInformationDTOModule;
import org.apache.james.task.TaskExecutionDetails;
import org.apache.james.utils.ClassName;
import org.apache.james.utils.ExtensionConfiguration;
import org.apache.james.utils.GuiceGenericLoader;
import org.apache.james.utils.GuiceProbe;
import org.apache.james.utils.InitializationOperation;
import org.apache.james.utils.InitilizationOperationBuilder;
import org.apache.james.utils.NamingScheme;
import org.apache.james.utils.PropertiesProvider;
import org.apache.james.utils.WebAdminGuiceProbe;
import org.apache.james.webadmin.FixedPortSupplier;
import org.apache.james.webadmin.PortSupplier;
import org.apache.james.webadmin.RandomPortSupplier;
import org.apache.james.webadmin.Routes;
import org.apache.james.webadmin.TlsConfiguration;
import org.apache.james.webadmin.WebAdminConfiguration;
import org.apache.james.webadmin.WebAdminServer;
import org.apache.james.webadmin.authentication.AuthenticationFilter;
import org.apache.james.webadmin.authentication.JwtFilter;
import org.apache.james.webadmin.authentication.NoAuthenticationFilter;
import org.apache.james.webadmin.mdc.RequestLogger;
import org.apache.james.webadmin.utils.JsonTransformer;
import org.apache.james.webadmin.utils.JsonTransformerModule;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/james/modules/server/WebAdminServerModule.class */
public class WebAdminServerModule extends AbstractModule {
    private static final boolean DEFAULT_JWT_DISABLED = false;
    private static final boolean DEFAULT_DISABLED = false;
    private static final boolean DEFAULT_CORS_DISABLED = false;
    private static final boolean DEFAULT_HTTPS_DISABLED = false;
    private static final Logger LOGGER = LoggerFactory.getLogger(WebAdminServerModule.class);
    private static final String DEFAULT_NO_CORS_ORIGIN = null;
    private static final String DEFAULT_NO_KEYSTORE = null;
    private static final String DEFAULT_NO_PASSWORD = null;
    private static final String DEFAULT_NO_TRUST_KEYSTORE = null;
    private static final String DEFAULT_NO_TRUST_PASSWORD = null;
    private static final Splitter SPLITTER = Splitter.on(',').trimResults().omitEmptyStrings();

    protected void configure() {
        install(new TaskRoutesModule());
        install(new HealthCheckRoutesModule());
        bind(JsonTransformer.class).in(Scopes.SINGLETON);
        bind(WebAdminServer.class).in(Scopes.SINGLETON);
        Multibinder.newSetBinder(binder(), GuiceProbe.class).addBinding().to(WebAdminGuiceProbe.class);
        Multibinder.newSetBinder(binder(), JsonTransformerModule.class);
        Multibinder.newSetBinder(binder(), RequestLogger.class);
    }

    @Singleton
    @Provides
    @Named("webAdminRoutes")
    public List<Routes> provideRoutes(GuiceGenericLoader guiceGenericLoader, WebAdminConfiguration webAdminConfiguration, Set<Routes> set) {
        Stream map = webAdminConfiguration.getAdditionalRoutes().stream().map(ClassName::new);
        GuiceGenericLoader.InvocationPerformer withNamingSheme = guiceGenericLoader.withNamingSheme(NamingScheme.IDENTITY);
        Objects.requireNonNull(withNamingSheme);
        return ImmutableList.builder().addAll(set).addAll((List) map.map(Throwing.function(withNamingSheme::instantiate)).peek(routes -> {
            LOGGER.info("Loading WebAdmin route extension {}", routes.getClass().getCanonicalName());
        }).collect(ImmutableList.toImmutableList())).build();
    }

    @Singleton
    @Provides
    @Named("custom-webadmin-dto")
    public Set<AdditionalInformationDTOModule<? extends TaskExecutionDetails.AdditionalInformation, ? extends AdditionalInformationDTO>> provideAdditionalDTOs(GuiceGenericLoader guiceGenericLoader, ExtensionConfiguration extensionConfiguration) {
        Stream stream = extensionConfiguration.getTaskExtensions().stream();
        GuiceGenericLoader.InvocationPerformer withNamingSheme = guiceGenericLoader.withNamingSheme(NamingScheme.IDENTITY);
        Objects.requireNonNull(withNamingSheme);
        return (Set) stream.map(Throwing.function(withNamingSheme::instantiate)).map((v0) -> {
            return v0.taskAdditionalInformationDTOModules();
        }).flatMap((v0) -> {
            return v0.stream();
        }).collect(Collectors.toSet());
    }

    @Singleton
    @Provides
    public WebAdminConfiguration provideWebAdminConfiguration(FileSystem fileSystem, PropertiesProvider propertiesProvider) throws Exception {
        try {
            Configuration configuration = propertiesProvider.getConfiguration("webadmin");
            return WebAdminConfiguration.builder().enable(configuration.getBoolean("enabled", false)).port(port(configuration)).tls(readHttpsConfiguration(configuration)).enableCORS(configuration.getBoolean("cors.enable", false)).urlCORSOrigin(configuration.getString("cors.origin", DEFAULT_NO_CORS_ORIGIN)).host(configuration.getString("host", "localhost")).additionalRoutes(additionalRoutes(configuration)).jwtPublicKeyPEM(loadPublicKey(fileSystem, Optional.ofNullable(configuration.getString("jwt.publickeypem.url", (String) null)))).maxThreadCount(Optional.ofNullable(configuration.getInteger("maxThreadCount", (Integer) null))).minThreadCount(Optional.ofNullable(configuration.getInteger("minThreadCount", (Integer) null))).build();
        } catch (FileNotFoundException e) {
            LOGGER.info("No webadmin.properties file. Disabling WebAdmin interface.");
            return WebAdminConfiguration.DISABLED_CONFIGURATION;
        }
    }

    private PortSupplier port(Configuration configuration) {
        int i = configuration.getInt("port", 8080);
        return i == 0 ? new RandomPortSupplier() : new FixedPortSupplier(i);
    }

    @VisibleForTesting
    ImmutableList<String> additionalRoutes(Configuration configuration) {
        return ImmutableList.copyOf(configuration.getStringArray("extensions.routes"));
    }

    private Optional<String> loadPublicKey(FileSystem fileSystem, Optional<String> optional) {
        return optional.map(Throwing.function(str -> {
            return FileUtils.readFileToString(fileSystem.getFile(str), StandardCharsets.US_ASCII);
        }));
    }

    @Singleton
    @Provides
    public AuthenticationFilter providesAuthenticationFilter(PropertiesProvider propertiesProvider, @Named("webadmin") JwtTokenVerifier.Factory factory) throws Exception {
        try {
            return propertiesProvider.getConfiguration("webadmin").getBoolean("jwt.enabled", false) ? new JwtFilter(factory) : new NoAuthenticationFilter();
        } catch (FileNotFoundException e) {
            return new NoAuthenticationFilter();
        }
    }

    @Singleton
    @Provides
    @Named("webadmin")
    JwtTokenVerifier.Factory providesJwtTokenVerifier(WebAdminConfiguration webAdminConfiguration, @Named("jmap") Provider<JwtTokenVerifier> provider) {
        return () -> {
            Optional map = webAdminConfiguration.getJwtPublicKey().map(str -> {
                return new JwtConfiguration(ImmutableList.of(str));
            }).map(JwtTokenVerifier::create);
            Objects.requireNonNull(provider);
            return (JwtTokenVerifier) map.orElseGet(provider::get);
        };
    }

    private Optional<TlsConfiguration> readHttpsConfiguration(Configuration configuration) {
        return configuration.getBoolean("https.enabled", false) ? Optional.of(TlsConfiguration.builder().raw(configuration.getString("https.keystore", DEFAULT_NO_KEYSTORE), configuration.getString("https.password", DEFAULT_NO_PASSWORD), configuration.getString("https.trust.keystore", DEFAULT_NO_TRUST_KEYSTORE), configuration.getString("https.trust.password", DEFAULT_NO_TRUST_PASSWORD)).build()) : Optional.empty();
    }

    @ProvidesIntoSet
    InitializationOperation workQueue(WebAdminServer webAdminServer) {
        InitilizationOperationBuilder.RequireInit forClass = InitilizationOperationBuilder.forClass(WebAdminServer.class);
        Objects.requireNonNull(webAdminServer);
        return forClass.init(webAdminServer::start);
    }
}
